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Reply to Official Action of January 31, 2006 

Amendments to the Drawings : 

In view of the Official Action's objection to the drawings as not including reference 
callouts mentioned in the specification, the attached replacement drawing sheet, which includes 
FIG. 4, illustrates a protocol stack and interaction thereof with a security policy database (SPD) 
and security association database (SAD) according to one embodiment of the present invention. 
In FIG. 4, callouts 56a and 56b reference the SAD and SPD, respectively. 

Attachment: Replacement Sheet (FIG. 3) 
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REMARKS/ARGUMENTS 

The first Official Action rejects all of the pending claims, namely Claims 1-20, under 35 
U.S.C. § 102(b) as being anticipated by U.S. Patent No. 6,330,562 to Boden et al. In addition, 
the Official Action objects to FIGS. 1-3, 5 A and 5B as failing to include a legend identifying 
those figures as illustrating prior art, and objects to FIG. 4 as not including callouts for the 
illustrated SAD 56a and SPD 56b. In response thereto, Applicant has amended FIG. 4 to include 
the aforementioned callouts. As explained below, Applicant has not amended any of FIGS. 1-3, 
5 A and 5B in view of the objection thereto, or amended any of the claims in view of the rejection 
thereof. As explained below, Applicant respectfully submits that FIGS. 1-3, 5 A and 5B do not, 
in fact, illustrate prior art; and respectfully submit that the claimed invention is patentably 
distinct from Boden. Accordingly, Applicant respectfully traverses the respective objection to 
the drawings and rejection of the claims. Nonetheless, Applicant has amended various ones of 
the claims to further clarify the claimed invention. In view of the amendments to FIG. 4 and the 
claims, and the remarks presented herein, Applicant respectfully requests reconsideration and 
allowance of all of the pending claims of the present application. 

A. The Drawings are Proper 

The Official Action objects to FIGS. 1-3, 5A and 5B as failing to include a legend 
identifying those figures as illustrating prior art, and objects to FIG. 4 as not including callouts 
for the illustrated SAD 56a and SPD 56b. In response, Applicant has amended FIG. 4, adding 
callouts referencing the aforementioned SAD and SPD. Accordingly, Applicant respectfully 
submits that the objection to FIG. 4 is overcome. As to the objection to FIGS. 1-3, 5 A and 5B as 
failing to include the legend identifying those figures as illustrating prior art, Applicant 
respectfully submits that those figures do not in fact illustrate prior art. Rather, FIGS. 1-3, 5 A 
and 5B illustrate systems, apparatuses and methods in accordance with exemplary embodiments 
of the present invention. See Pat. Appl., page 6, line 26 - page 7, line 6. Applicant therefore 
respectfully submits that FIGS. 1-3, 5 A and 5B do not illustrate prior art, and that those figures 
appropriately do not include a legend identifying those figures as such. Thus, Applicant also 
respectfully submits that the objection to FIGS. 1-4 is overcome. 
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B. The Claimed Invention is Patentable over Boden 

With respect to the rejection of Claims 1-20 as being anticipated by Boden, Applicant 
notes that Boden discloses a system and method for managing security objects, including a data 
model for abstracting customer-defined VPN security policy information. As disclosed, such a 
model enables a VPN node (computer system existing in a Virtual Private Network) to gather 
policy configuration information for itself through a GUI or some distributed policy source. The 
VPN node can then store the policy configuration information in a system-defined database, and 
use the information to dynamically negotiate, create, delete, and maintain secure connections at 
the IP level with other VPN nodes. 

The present patent application is directed to systems and methods for providing a 
common layer for security services and cryptographic keys stored at a central location. As 
currently recited by amended independent Claim 1, for example, a method of creating and 
maintaining a centralized key store includes providing a plurality of security policies. Each of 
the security policies includes an application instance identifier associated with a security service, 
and at least two of the application instance identifiers are associated with different security 
services. As also recited, the method further includes creating one or more security associations 
based upon the security service(s) associated with the application instance identifier(s) to thereby 
create a centralized key store including the security policies and security association(s). 

In contrast to amended independent Claim 1, Boden does not teach or suggest a 
centralized key store with security policies, each of which includes an application instance 
identifier associated with a security service, or one or more security associations created based 
upon security servicers') associated with the application instance identifier(s) . In this regard, 
Boden does disclose abstracting information about connections in a VPN environment, such as 
between a system using TCP/IP and a system using IPSec. Boden also discloses dynamically 
generating security policies (IPSec filter rules), such as to accommodate dynamically-assigned IP 
addresses. In no event, however, does Boden disclose applying a security service other than 
IPSec such that the security policies include application instance identifiers associated with 
security services. The claimed invention, on the other hand, recites a centralized key store 
including a plurality of security policies each of which includes an application instance identifier 
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associated with a respective security service, at least two of the application instance identifiers 
being associated with different security services . 

Applicant therefore respectfully submits that amended independent Claim 1, and by 
dependency Claims 2-5, are patentably distinct from Boden. Applicant also respectfully submits 
that amended independent Claims 6, 1 1 and 16 recite subject matter similar to that of amended 
independent Claim 1, including the aforementioned centralized key store. Applicant therefore 
respectfully submits that amended independent Claims 6, 1 1 and 16, and by dependency Claims 
7-10, 12-15 and 17-20, are also patentably distinct from Boden for at least the reasons given 
above with respect to amended independent Claim 1. 

For at least the foregoing reasons, Applicant respectfully submits that the rejection of 
Claims 1-20 as being anticipated by Boden is overcome. 
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CONCLUSION 



In view of the amendments to the drawings and claims, and the remarks presented above, 
Applicant respectfully submits that the present application is in condition for allowance. As 
such, the issuance of a Notice of Allowance is therefore respectfully requested. In order to 
expedite the examination of the present application, the Examiner is encouraged to contact 
Applicant's undersigned attorney in order to resolve any remaining issues. 

It is not believed that extensions of time or fees for net addition of claims are required, 
beyond those that may otherwise be provided for in documents accompanying this paper. 
However, in the event that additional extensions of time are necessary to allow consideration of 
this paper, such extensions are hereby petitioned under 37 CFR § 1.136(a), and any fee required 
therefore (including fees for net addition of claims) is hereby authorized to be charged to Deposit 
Account No. 16-0605. 
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APPENDIX 



1 . Replacement Sheet (FIG. 4) 



